
ComboFix log for review.

Agata05

I looked on the forum for a place where I could post a ComboFix log but didn't find one, so I'm posting the topic here. It's a CF log from Windows XP.
Please check it and tell me whether CF detected any viruses or spyware.
Thanks in advance. :)

[log]ComboFix 10-07-22.01 - Komputer 2010-07-23 13:13:58.2.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1250.48.1045.18.1014.317 [GMT 2:00]
Uruchomiony z: c:\documents and settings\Komputer\Pulpit\ComboFix.exe
AV: ESET NOD32 Antivirus 3.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.

((((((((((((((((((((((((( Pliki utworzone od 2010-06-23 do 2010-07-23 )))))))))))))))))))))))))))))))
.

2010-07-15 06:09 . 2010-06-14 14:31 744448 ------w- c:\windows\system32\dllcache\helpsvc.exe

.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-23 11:16 . 2010-04-18 16:09 -------- d-----w- c:\documents and settings\Komputer\Dane aplikacji\Free Download Manager
2010-07-23 11:14 . 2010-03-05 12:04 -------- d-----w- c:\program files\Common Files\Akamai
2010-07-23 10:27 . 2010-04-18 16:09 -------- d-----w- c:\documents and settings\Komputer\Dane aplikacji\Software Informer
2010-06-14 14:31 . 2004-09-17 14:08 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
2010-06-11 09:49 . 2008-07-28 09:44 1 ----a-w- c:\documents and settings\Komputer\Dane aplikacji\OpenOfficeT72\user\uno_packages\cache\stamp.sys
2010-06-11 09:48 . 2008-07-28 09:44 -------- d-----w- c:\documents and settings\Komputer\Dane aplikacji\OpenOfficeT72
2010-06-07 06:18 . 2010-01-04 07:25 -------- d-----w- c:\documents and settings\Komputer\Dane aplikacji\HpUpdate
2010-05-28 11:46 . 2010-05-28 11:46 503808 ----a-w- c:\documents and settings\Komputer\Dane aplikacji\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-3a939013-n\msvcp71.dll
2010-05-28 11:46 . 2010-05-28 11:46 499712 ----a-w- c:\documents and settings\Komputer\Dane aplikacji\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-3a939013-n\jmc.dll
2010-05-28 11:46 . 2010-05-28 11:46 348160 ----a-w- c:\documents and settings\Komputer\Dane aplikacji\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-3a939013-n\msvcr71.dll
2010-05-28 11:46 . 2010-05-28 11:46 61440 ----a-w- c:\documents and settings\Komputer\Dane aplikacji\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-5b6186c1-n\decora-sse.dll
2010-05-28 11:46 . 2010-05-28 11:46 12800 ----a-w- c:\documents and settings\Komputer\Dane aplikacji\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-5b6186c1-n\decora-d3d.dll
2010-05-06 10:35 . 2004-09-17 13:46 916480 ----a-w- c:\windows\system32\wininet.dll
2010-05-02 08:09 . 2004-09-17 13:46 1851520 ----a-w- c:\windows\system32\win32k.sys
2008-08-14 07:48 . 2008-08-14 07:48 14290 ----a-w- c:\program files\settings.dat
.

((((((((((((((((((((((((((((( SnapShot@2010-06-05_11.55.08 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-07-23 06:14 . 2010-07-23 06:14 16384 c:\windows\Temp\Perflib_Perfdata_744.dat
+ 2010-07-23 06:14 . 2010-07-23 06:14 16384 c:\windows\Temp\Perflib_Perfdata_498.dat
+ 2009-11-05 20:17 . 2009-11-05 20:17 11600 c:\windows\system32\mui\0409\mscorees.dll
+ 2007-08-13 16:54 . 2010-05-06 10:35 55296 c:\windows\system32\msfeedsbs.dll
- 2007-08-13 16:54 . 2010-02-25 06:19 55296 c:\windows\system32\msfeedsbs.dll
+ 2004-09-17 13:46 . 2010-05-06 10:35 25600 c:\windows\system32\jsproxy.dll
- 2004-09-17 13:46 . 2010-02-25 06:19 25600 c:\windows\system32\jsproxy.dll
- 2009-07-06 05:55 . 2010-02-25 06:19 12800 c:\windows\system32\dllcache\xpshims.dll
+ 2009-07-06 05:55 . 2010-05-06 10:35 12800 c:\windows\system32\dllcache\xpshims.dll
- 2008-08-03 17:51 . 2010-02-25 06:19 55296 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2008-08-03 17:51 . 2010-05-06 10:35 55296 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2004-09-17 13:46 . 2010-05-06 10:35 25600 c:\windows\system32\dllcache\jsproxy.dll
- 2004-09-17 13:46 . 2010-02-25 06:19 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2010-03-05 14:39 . 2010-03-05 14:39 65536 c:\windows\system32\dllcache\asycfilt.dll
+ 2004-09-17 13:45 . 2010-03-05 14:39 65536 c:\windows\system32\asycfilt.dll
+ 2010-04-01 09:42 . 2010-04-01 09:42 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Security.dll
+ 2010-03-31 12:51 . 2010-03-31 12:51 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
- 2008-05-27 22:49 . 2008-05-27 22:49 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
+ 2010-03-31 12:51 . 2010-03-31 12:51 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
- 2008-05-27 22:49 . 2008-05-27 22:49 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
+ 2010-03-31 12:51 . 2010-03-31 12:51 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
- 2008-05-27 22:49 . 2008-05-27 22:49 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
- 2008-05-27 23:30 . 2008-05-27 23:30 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
+ 2010-03-31 13:32 . 2010-03-31 13:32 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
- 2003-02-20 17:19 . 2003-02-20 17:19 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll
+ 2010-03-31 13:32 . 2010-03-31 13:32 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll
+ 2010-06-15 12:05 . 2010-06-15 12:05 21504 c:\windows\Installer\666457b.msi
+ 2010-06-11 09:56 . 2010-02-25 06:19 12800 c:\windows\ie8updates\KB982381-IE8\xpshims.dll
+ 2010-06-11 09:56 . 2010-02-25 06:19 55296 c:\windows\ie8updates\KB982381-IE8\msfeedsbs.dll
+ 2010-06-11 09:56 . 2010-02-25 06:19 25600 c:\windows\ie8updates\KB982381-IE8\jsproxy.dll
+ 2010-06-11 09:57 . 2010-06-11 09:57 90112 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_4187e6d3\System.Drawing.Design.dll
+ 2010-06-11 09:57 . 2010-06-11 09:57 61440 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_70651969\CustomMarshalers.dll
+ 2010-06-11 09:57 . 2010-06-11 09:57 81920 c:\windows\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll
+ 2010-06-11 09:55 . 2008-04-14 17:20 65024 c:\windows\$NtUninstallKB979482$\asycfilt.dll
+ 2010-06-11 09:56 . 2008-07-08 13:20 26488 c:\windows\$hf_mig$\KB982381-IE8\update\spcustom.dll
+ 2010-06-11 09:56 . 2008-07-08 13:20 19320 c:\windows\$hf_mig$\KB982381-IE8\spmsg.dll
+ 2010-06-11 06:32 . 2010-05-06 10:28 12800 c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\xpshims.dll
+ 2010-06-11 06:32 . 2010-05-06 10:28 55296 c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\msfeedsbs.dll
+ 2010-06-11 06:32 . 2010-05-06 10:28 25600 c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\jsproxy.dll
+ 2010-06-11 09:57 . 2009-05-26 11:43 26488 c:\windows\$hf_mig$\KB980218\update\spcustom.dll
+ 2010-06-11 09:57 . 2009-05-26 11:43 19320 c:\windows\$hf_mig$\KB980218\spmsg.dll
+ 2010-06-11 09:57 . 2008-07-08 13:20 26488 c:\windows\$hf_mig$\KB980195\update\spcustom.dll
+ 2010-06-11 09:57 . 2008-07-08 13:20 19320 c:\windows\$hf_mig$\KB980195\spmsg.dll
+ 2010-06-11 09:56 . 2009-05-26 09:02 26488 c:\windows\$hf_mig$\KB979559\update\spcustom.dll
+ 2010-06-11 09:56 . 2009-05-26 09:02 19320 c:\windows\$hf_mig$\KB979559\spmsg.dll
+ 2010-06-11 09:55 . 2009-05-26 11:43 26488 c:\windows\$hf_mig$\KB979482\update\spcustom.dll
+ 2010-06-11 09:55 . 2009-05-26 11:43 19320 c:\windows\$hf_mig$\KB979482\spmsg.dll
+ 2010-03-05 14:53 . 2010-03-05 14:53 65536 c:\windows\$hf_mig$\KB979482\SP3QFE\asycfilt.dll
+ 2010-06-11 09:54 . 2008-07-08 13:20 26488 c:\windows\$hf_mig$\KB975562\update\spcustom.dll
+ 2010-06-11 09:54 . 2008-07-08 13:20 19320 c:\windows\$hf_mig$\KB975562\spmsg.dll
+ 2004-09-17 13:46 . 2010-05-06 10:35 206848 c:\windows\system32\occache.dll
- 2004-09-17 13:46 . 2010-02-25 06:19 206848 c:\windows\system32\occache.dll
- 2004-09-17 13:46 . 2010-02-25 06:19 611840 c:\windows\system32\mstime.dll
+ 2004-09-17 13:46 . 2010-05-06 10:35 611840 c:\windows\system32\mstime.dll
+ 2007-08-13 16:54 . 2010-05-06 10:35 599040 c:\windows\system32\msfeeds.dll
- 2004-09-17 13:46 . 2010-02-25 06:19 184320 c:\windows\system32\iepeers.dll
+ 2004-09-17 13:46 . 2010-05-06 10:35 184320 c:\windows\system32\iepeers.dll
+ 2004-09-17 13:46 . 2010-05-06 10:35 387584 c:\windows\system32\iedkcs32.dll
- 2004-09-17 13:46 . 2010-02-25 06:19 387584 c:\windows\system32\iedkcs32.dll
- 2004-09-17 13:46 . 2010-02-24 09:57 173056 c:\windows\system32\ie4uinit.exe
+ 2004-09-17 13:46 . 2010-05-05 13:30 173056 c:\windows\system32\ie4uinit.exe
- 2004-09-17 15:59 . 2009-11-13 07:37 304416 c:\windows\system32\FNTCACHE.DAT
+ 2004-09-17 15:59 . 2010-06-11 09:59 304416 c:\windows\system32\FNTCACHE.DAT
- 2004-09-17 13:46 . 2010-02-25 06:19 916480 c:\windows\system32\dllcache\wininet.dll
+ 2004-09-17 13:46 . 2010-05-06 10:35 916480 c:\windows\system32\dllcache\wininet.dll
- 2004-09-17 13:46 . 2010-02-25 06:19 206848 c:\windows\system32\dllcache\occache.dll
+ 2004-09-17 13:46 . 2010-05-06 10:35 206848 c:\windows\system32\dllcache\occache.dll
+ 2004-09-17 13:46 . 2010-05-06 10:35 611840 c:\windows\system32\dllcache\mstime.dll
- 2004-09-17 13:46 . 2010-02-25 06:19 611840 c:\windows\system32\dllcache\mstime.dll
+ 2008-08-03 17:51 . 2010-05-06 10:35 599040 c:\windows\system32\dllcache\msfeeds.dll
- 2009-07-06 05:55 . 2010-02-25 06:19 247808 c:\windows\system32\dllcache\ieproxy.dll
+ 2009-07-06 05:55 . 2010-05-06 10:35 247808 c:\windows\system32\dllcache\ieproxy.dll
- 2004-09-17 13:46 . 2010-02-25 06:19 184320 c:\windows\system32\dllcache\iepeers.dll
+ 2004-09-17 13:46 . 2010-05-06 10:35 184320 c:\windows\system32\dllcache\iepeers.dll
+ 2010-06-11 06:32 . 2010-05-06 10:35 743424 c:\windows\system32\dllcache\iedvtool.dll
+ 2004-09-17 13:46 . 2010-05-06 10:35 387584 c:\windows\system32\dllcache\iedkcs32.dll
- 2004-09-17 13:46 . 2010-02-25 06:19 387584 c:\windows\system32\dllcache\iedkcs32.dll
+ 2004-09-17 13:46 . 2010-05-05 13:30 173056 c:\windows\system32\dllcache\ie4uinit.exe
- 2004-09-17 13:46 . 2010-02-24 09:57 173056 c:\windows\system32\dllcache\ie4uinit.exe
+ 2010-04-20 05:34 . 2010-04-20 05:34 285696 c:\windows\system32\dllcache\atmfd.dll
+ 2004-09-17 13:45 . 2010-04-20 05:34 285696 c:\windows\system32\atmfd.dll
- 2004-09-17 13:45 . 2008-04-14 17:00 285696 c:\windows\system32\atmfd.dll
+ 2010-03-31 12:51 . 2010-03-31 12:51 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
- 2008-05-27 22:49 . 2008-05-27 22:49 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
- 2008-05-27 22:48 . 2008-05-27 22:48 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
+ 2010-03-31 12:49 . 2010-03-31 12:49 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
- 2008-05-27 23:30 . 2008-05-27 23:30 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2010-03-31 13:32 . 2010-03-31 13:32 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2010-06-11 09:56 . 2010-02-25 06:19 916480 c:\windows\ie8updates\KB982381-IE8\wininet.dll
+ 2010-06-11 09:56 . 2010-02-22 14:42 398200 c:\windows\ie8updates\KB982381-IE8\spuninst\updspapi.dll
+ 2010-06-11 09:56 . 2008-07-08 13:20 234360 c:\windows\ie8updates\KB982381-IE8\spuninst\spuninst.exe
+ 2010-06-11 09:56 . 2010-02-25 06:19 206848 c:\windows\ie8updates\KB982381-IE8\occache.dll
+ 2010-06-11 09:56 . 2010-02-25 06:19 611840 c:\windows\ie8updates\KB982381-IE8\mstime.dll
+ 2010-06-11 09:56 . 2010-02-25 06:19 594432 c:\windows\ie8updates\KB982381-IE8\msfeeds.dll
+ 2010-06-11 09:56 . 2010-02-25 06:19 247808 c:\windows\ie8updates\KB982381-IE8\ieproxy.dll
+ 2010-06-11 09:56 . 2010-02-25 06:19 184320 c:\windows\ie8updates\KB982381-IE8\iepeers.dll
+ 2010-06-11 09:56 . 2009-03-08 02:35 742912 c:\windows\ie8updates\KB982381-IE8\iedvtool.dll
+ 2010-06-11 09:56 . 2010-02-25 06:19 387584 c:\windows\ie8updates\KB982381-IE8\iedkcs32.dll
+ 2010-06-11 09:56 . 2010-02-24 09:57 173056 c:\windows\ie8updates\KB982381-IE8\ie4uinit.exe
+ 2010-06-11 09:57 . 2010-06-11 09:57 835584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_865d1c5d\System.Drawing.dll
+ 2010-06-11 09:57 . 2009-05-26 11:43 398200 c:\windows\$NtUninstallKB980218$\spuninst\updspapi.dll
+ 2010-06-11 09:57 . 2009-05-26 11:43 234360 c:\windows\$NtUninstallKB980218$\spuninst\spuninst.exe
+ 2010-06-11 09:57 . 2008-04-14 17:00 285696 c:\windows\$NtUninstallKB980218$\atmfd.dll
+ 2010-06-11 09:57 . 2008-07-08 13:20 398200 c:\windows\$NtUninstallKB980195$\spuninst\updspapi.dll
+ 2010-06-11 09:57 . 2008-07-08 13:20 234360 c:\windows\$NtUninstallKB980195$\spuninst\spuninst.exe
+ 2010-06-11 09:56 . 2009-05-26 11:43 398200 c:\windows\$NtUninstallKB979559$\spuninst\updspapi.dll
+ 2010-06-11 09:56 . 2009-05-26 09:02 234360 c:\windows\$NtUninstallKB979559$\spuninst\spuninst.exe
+ 2010-06-11 09:55 . 2009-05-26 11:43 398200 c:\windows\$NtUninstallKB979482$\spuninst\updspapi.dll
+ 2010-06-11 09:55 . 2009-05-26 11:43 234360 c:\windows\$NtUninstallKB979482$\spuninst\spuninst.exe
+ 2010-06-11 09:55 . 2007-07-27 21:11 382840 c:\windows\$NtUninstallKB978695_WM9$\spuninst\updspapi.dll
+ 2010-06-11 09:55 . 2007-07-27 19:06 234360 c:\windows\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe
+ 2010-06-11 09:54 . 2009-05-26 11:43 398200 c:\windows\$NtUninstallKB975562$\spuninst\updspapi.dll
+ 2010-06-11 09:54 . 2008-07-08 13:20 234360 c:\windows\$NtUninstallKB975562$\spuninst\spuninst.exe
+ 2010-06-11 09:56 . 2010-02-22 14:42 398200 c:\windows\$hf_mig$\KB982381-IE8\update\updspapi.dll
+ 2010-06-11 09:56 . 2009-05-26 11:43 763256 c:\windows\$hf_mig$\KB982381-IE8\update\update.exe
+ 2010-06-11 09:56 . 2008-07-08 13:20 234360 c:\windows\$hf_mig$\KB982381-IE8\spuninst.exe
+ 2010-06-11 06:32 . 2010-05-06 10:28 919040 c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\wininet.dll
+ 2010-06-11 06:32 . 2010-05-06 10:28 206848 c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\occache.dll
+ 2010-06-11 06:32 . 2010-05-06 10:28 611840 c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\mstime.dll
+ 2010-06-11 06:32 . 2010-05-06 10:28 599040 c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\msfeeds.dll
+ 2010-06-11 06:32 . 2010-05-06 10:28 247808 c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\ieproxy.dll
+ 2010-06-11 06:32 . 2010-05-06 10:28 184320 c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\iepeers.dll
+ 2010-06-11 06:32 . 2010-05-06 10:28 743424 c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\iedvtool.dll
+ 2010-06-11 06:32 . 2010-05-06 10:28 387584 c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\iedkcs32.dll
+ 2010-06-11 06:32 . 2010-05-05 13:56 173056 c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\ie4uinit.exe
+ 2010-06-11 09:57 . 2009-05-26 11:43 398200 c:\windows\$hf_mig$\KB980218\update\updspapi.dll
+ 2010-06-11 09:57 . 2009-05-26 11:43 763256 c:\windows\$hf_mig$\KB980218\update\update.exe
+ 2010-06-11 09:57 . 2009-05-26 11:43 234360 c:\windows\$hf_mig$\KB980218\spuninst.exe
+ 2010-04-20 05:38 . 2010-04-20 05:38 285824 c:\windows\$hf_mig$\KB980218\SP3QFE\atmfd.dll
+ 2010-06-11 09:57 . 2008-07-08 13:20 398200 c:\windows\$hf_mig$\KB980195\update\updspapi.dll
+ 2010-06-11 09:57 . 2008-07-08 13:20 763256 c:\windows\$hf_mig$\KB980195\update\update.exe
+ 2010-06-11 09:57 . 2008-07-08 13:20 234360 c:\windows\$hf_mig$\KB980195\spuninst.exe
+ 2010-06-11 09:56 . 2009-05-26 11:43 398200 c:\windows\$hf_mig$\KB979559\update\updspapi.dll
+ 2010-06-11 09:56 . 2009-05-26 11:43 763256 c:\windows\$hf_mig$\KB979559\update\update.exe
+ 2010-06-11 09:56 . 2009-05-26 09:02 234360 c:\windows\$hf_mig$\KB979559\spuninst.exe
+ 2010-06-11 09:55 . 2009-05-26 11:43 398200 c:\windows\$hf_mig$\KB979482\update\updspapi.dll
+ 2010-06-11 09:55 . 2009-05-26 11:43 763256 c:\windows\$hf_mig$\KB979482\update\update.exe
+ 2010-06-11 09:55 . 2009-05-26 11:43 234360 c:\windows\$hf_mig$\KB979482\spuninst.exe
+ 2010-06-11 09:54 . 2009-05-26 11:43 398200 c:\windows\$hf_mig$\KB975562\update\updspapi.dll
+ 2010-06-11 09:54 . 2009-05-26 11:43 763256 c:\windows\$hf_mig$\KB975562\update\update.exe
+ 2010-06-11 09:54 . 2008-07-08 13:20 234360 c:\windows\$hf_mig$\KB975562\spuninst.exe
+ 2004-09-17 13:46 . 2010-04-06 02:52 2462720 c:\windows\system32\WMVCore.dll
+ 2004-09-17 13:46 . 2010-05-06 10:35 1209344 c:\windows\system32\urlmon.dll
- 2004-09-17 13:46 . 2010-02-25 06:19 1209344 c:\windows\system32\urlmon.dll
- 2004-09-17 13:46 . 2009-11-27 17:14 1295360 c:\windows\system32\quartz.dll
+ 2004-09-17 13:46 . 2010-02-05 18:27 1295360 c:\windows\system32\quartz.dll
+ 2004-09-17 13:46 . 2010-05-06 10:35 5950976 c:\windows\system32\mshtml.dll
- 2007-08-13 16:34 . 2010-02-25 06:19 1985536 c:\windows\system32\iertutil.dll
+ 2007-08-13 16:34 . 2010-05-06 10:35 1985536 c:\windows\system32\iertutil.dll
+ 2004-09-17 13:46 . 2010-04-06 02:52 2462720 c:\windows\system32\dllcache\WMVCore.dll
+ 2008-10-15 17:46 . 2010-05-02 08:09 1851520 c:\windows\system32\dllcache\win32k.sys
- 2004-09-17 13:46 . 2010-02-25 06:19 1209344 c:\windows\system32\dllcache\urlmon.dll
+ 2004-09-17 13:46 . 2010-05-06 10:35 1209344 c:\windows\system32\dllcache\urlmon.dll
- 2008-05-07 05:12 . 2009-11-27 17:14 1295360 c:\windows\system32\dllcache\quartz.dll
+ 2008-05-07 05:12 . 2010-02-05 18:27 1295360 c:\windows\system32\dllcache\quartz.dll
+ 2004-09-17 13:46 . 2010-05-06 10:35 5950976 c:\windows\system32\dllcache\mshtml.dll
+ 2008-08-03 17:51 . 2010-05-06 10:35 1985536 c:\windows\system32\dllcache\iertutil.dll
- 2008-08-03 17:51 . 2010-02-25 06:19 1985536 c:\windows\system32\dllcache\iertutil.dll
- 2008-05-27 23:35 . 2008-05-27 23:35 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
+ 2010-04-01 09:42 . 2010-04-01 09:42 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
- 2008-05-27 23:35 . 2008-05-27 23:35 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
+ 2010-04-01 09:42 . 2010-04-01 09:42 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
- 2008-05-27 22:48 . 2008-05-27 22:48 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2010-03-31 12:50 . 2010-03-31 12:50 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2010-03-31 12:50 . 2010-03-31 12:50 2527232 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
+ 2010-04-01 09:42 . 2010-04-01 09:42 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
- 2008-05-27 22:43 . 2008-05-27 22:43 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2010-06-11 09:56 . 2010-02-25 06:19 1209344 c:\windows\ie8updates\KB982381-IE8\urlmon.dll
+ 2010-06-11 09:56 . 2010-02-25 06:19 5944832 c:\windows\ie8updates\KB982381-IE8\mshtml.dll
+ 2010-06-11 09:56 . 2010-02-25 06:19 1985536 c:\windows\ie8updates\KB982381-IE8\iertutil.dll
+ 2010-06-11 09:57 . 2010-06-11 09:57 1966080 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_9d2b14d6\System.dll
+ 2010-06-11 09:57 . 2010-06-11 09:57 2088960 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_1b51ac2e\System.Xml.dll
+ 2010-06-11 09:57 . 2010-06-11 09:57 3018752 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_09cd9696\System.Windows.Forms.dll
+ 2010-06-11 09:57 . 2010-06-11 09:57 1466368 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_74e50886\System.Design.dll
+ 2010-06-11 09:57 . 2010-06-11 09:57 3391488 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_a4584bb2\mscorlib.dll
+ 2010-06-11 09:57 . 2010-06-11 09:57 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
- 2009-10-14 13:49 . 2009-10-14 13:49 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2010-06-11 09:57 . 2010-06-11 09:57 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
- 2009-10-14 13:49 . 2009-10-14 13:49 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
+ 2010-06-11 09:56 . 2009-08-14 15:15 1850880 c:\windows\$NtUninstallKB979559$\win32k.sys
+ 2010-06-11 09:55 . 2009-05-20 02:56 2458112 c:\windows\$NtUninstallKB978695_WM9$\wmvcore.dll
+ 2010-06-11 09:54 . 2009-11-27 17:14 1295360 c:\windows\$NtUninstallKB975562$\quartz.dll
+ 2010-06-11 06:32 . 2010-05-06 10:28 1209856 c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\urlmon.dll
+ 2010-06-11 06:32 . 2010-05-06 10:28 5953024 c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\mshtml.dll
+ 2010-06-11 06:32 . 2010-05-06 10:28 1986048 c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\iertutil.dll
+ 2010-05-02 08:04 . 2010-05-02 08:04 1860608 c:\windows\$hf_mig$\KB979559\SP3QFE\win32k.sys
+ 2010-02-05 18:29 . 2010-02-05 18:29 1295360 c:\windows\$hf_mig$\KB975562\SP3QFE\quartz.dll
+ 2008-07-31 04:39 . 2010-07-02 19:39 34045896 c:\windows\system32\MRT.exe
+ 2007-08-13 16:54 . 2010-05-06 10:35 11076096 c:\windows\system32\ieframe.dll
+ 2008-08-03 17:51 . 2010-05-06 10:35 11076096 c:\windows\system32\dllcache\ieframe.dll
+ 2010-04-02 17:29 . 2010-04-02 17:29 11413504 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M979906\M979906Uninstall.msp
+ 2010-04-02 10:30 . 2010-04-02 10:30 17456640 c:\windows\Installer\c0168d.msp
+ 2010-06-11 09:56 . 2010-02-25 09:49 11070976 c:\windows\ie8updates\KB982381-IE8\ieframe.dll
+ 2010-05-06 13:58 . 2010-05-06 13:58 11078144 c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\ieframe.dll
.
-- Migawka wyzerowana --
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Free Download Manager"="c:\program files\Free Download Manager\fdm.exe" [2010-04-15 3727407]
"Software Informer"="c:\program files\Software Informer\softinfo.exe" [2010-04-13 2285637]
"ALLUpdate"="c:\program files\ALLPlayer\ALLUpdate.exe" [2010-03-23 1432064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-06-27 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-06-27 162328]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-06-27 137752]
"RTHDCPL"="RTHDCPL.EXE" [2007-06-13 16377344]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2003-12-22 241664]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb10.exe" [2004-05-06 172032]
"HP Software Update"="c:\program files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-04-16 202256]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-10-07 1461080]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Menu Start\Programy\Autostart\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]
GlobeTrotter Connect.lnk - c:\program files\ERA\GlobeTrotter Connect\GlobeTrotter Connect.exe [2008-4-21 798720]
Microsoft Find Fast.lnk - c:\program files\Microsoft Office\Office\FINDFAST.EXE [1997-10-6 111376]
Uruchamianie pakietu Office.lnk - c:\program files\Microsoft Office\Office\OSA.EXE [1997-10-6 51984]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Gadu-Gadu\\gg.exe"=
"c:\\Program Files\\Nowe Gadu-Gadu\\gg.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=

R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2008-06-10 35168]
R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [2004-09-17 14336]
R2 ekrn;Eset Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-10-07 472280]
R2 GtDetectSc;GtDetectSc;c:\program files\ERA\GlobeTrotter Connect\GtDetectSc.exe [2007-12-18 196704]
R2 IBG_gds_fe;InterBase 7.5 Guardian gds_fe;c:\program files\Borland\InterBase_Fe\bin\ibguard.exe -i "c:\program files\Borland\InterBase_Fe" -p gds_fe --> c:\program files\Borland\InterBase_Fe\bin\ibguard.exe -i c:\program files\Borland\InterBase_Fe [?]
R3 IBS_gds_fe;InterBase 7.5 Server gds_fe;c:\program files\Borland\InterBase_Fe\bin\ibserver.exe -i "c:\program files\Borland\InterBase_Fe" -p gds_fe --> c:\program files\Borland\InterBase_Fe\bin\ibserver.exe -i c:\program files\Borland\InterBase_Fe [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-26 135664]
S3 GT72NDISIPXP;GT 72 IP NDIS;c:\windows\system32\drivers\Gt51Ip.sys [2008-02-18 106624]
S3 GT72UBUS;GT 72 U BUS;c:\windows\system32\drivers\gt72ubus.sys [2008-02-08 59648]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Zawartość folderu 'Zaplanowane zadania'

2010-07-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-26 08:49]

2010-07-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-26 08:49]

2010-07-23 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-165661689-3339724579-1180631552-1005.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 20:09]

2010-07-23 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-165661689-3339724579-1180631552-1005.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 20:09]
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.google.pl/
IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\Office\Office12\EXCEL.EXE/3000
IE: Funkcja Google Sidewiki - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: Pobierz plik wideo we Free Download Manager - file://c:\program files\Free Download Manager\dlfvideo.htm
IE: Pobierz w Free Download Manager - file://c:\program files\Free Download Manager\dllink.htm
IE: Pobierz wszystkie pliki w Free Download Manager - file://c:\program files\Free Download Manager\dlall.htm
IE: Pobierz zaznaczone w Free Download Manager - file://c:\program files\Free Download Manager\dlselected.htm
TCP: {0573C8E0-1C16-4EC8-ABE3-012DBAAC8D04} = 194.204.159.1,194.204.152.34
DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} - hxxp://picasaweb.google.com/s/v/61.15/uploader2.cab
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-23 13:17
Windows 5.1.2600 Dodatek Service Pack 3 NTFS

skanowanie ukrytych procesów ...

skanowanie ukrytych wpisów autostartu ...

skanowanie ukrytych plików ...

skanowanie pomyślnie ukończone
ukryte pliki: 0

**************************************************************************
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------

- - - - - - - > 'explorer.exe'(1656)
c:\windows\system32\WININET.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\mshtml.dll
c:\windows\system32\msls31.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Czas ukończenia: 2010-07-23 13:18:31
ComboFix-quarantined-files.txt 2010-07-23 11:18
ComboFix2.txt 2010-06-05 11:56

Przed: 8 987 123 712 bajtów wolnych
Po: 9 144 479 744 bajtów wolnych

WindowsXP-KB310994-SP2-Pro-BootDisk-PLK.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - 28B7F5298C25725B0A9332E0F21BE7D[/log]

//moving this to the logs-for-review section
//dan

Sohei

Never use ComboFix on your own again.
c:\windows\system32\dllcache\helpsvc.exe, a legitimate file, was deleted. Go into the qoobox folder (or one with a similar name), find this file in it, remove its .vir extension and put it back in the c:\windows\system32\dllcache directory!!!

After that, if you want me to check your computer, give me an OTL log!
